ChangeWindowMessageFilterEx function (winuser.h)
Modifies the User Interface Privilege Isolation (UIPI) message filter for a specified window.
Syntax
BOOL ChangeWindowMessageFilterEx(
[in] HWND hwnd,
[in] UINT message,
[in] DWORD action,
[in, out, optional] PCHANGEFILTERSTRUCT pChangeFilterStruct
);
Parameters
[in] hwnd
Type: HWND
A handle to the window whose UIPI message filter is to be modified.
[in] message
Type: UINT
The message that the message filter allows through or blocks.
[in] action
Type: DWORD
The action to be performed, and can take one of the following values:
| Value | Meaning |
|---|---|
|
Allows the message through the filter. This enables the message to be received by hWnd, regardless of the source of the message, even it comes from a lower privileged process. |
|
Blocks the message to be delivered to hWnd if it comes from a lower privileged process, unless the message is allowed process-wide by using the ChangeWindowMessageFilter function or globally. |
|
Resets the window message filter for hWnd to the default. Any message allowed globally or process-wide will get through, but any message not included in those two categories, and which comes from a lower privileged process, will be blocked. |
[in, out, optional] pChangeFilterStruct
Type: PCHANGEFILTERSTRUCT
Optional pointer to a CHANGEFILTERSTRUCT structure.
Return value
Type: BOOL
If the function succeeds, it returns TRUE; otherwise, it returns FALSE. To get extended error information, call GetLastError.
Remarks
UIPI is a security feature that prevents messages from being received from a lower-integrity-level sender. You can use this function to allow specific messages to be delivered to a window even if the message originates from a process at a lower integrity level. Unlike the ChangeWindowMessageFilter function, which controls the process message filter, the ChangeWindowMessageFilterEx function controls the window message filter.
An application may use the ChangeWindowMessageFilter function to allow or block a message in a process-wide manner. If the message is allowed by either the process message filter or the window message filter, it will be delivered to the window.
Note that processes at or below SECURITY_MANDATORY_LOW_RID are not allowed to change the message filter. If those processes call this function, it will fail and generate the extended error code, ERROR_ACCESS_DENIED.
Certain messages whose value is smaller than WM_USER are required to be passed through the filter, regardless of the filter setting. There will be no effect when you attempt to use this function to allow or block such messages.
Requirements
| Requirement | Value |
|---|---|
| Minimum supported client | Windows 7 [desktop apps only] |
| Minimum supported server | Windows Server 2008 R2 [desktop apps only] |
| Target Platform | Windows |
| Header | winuser.h (include Windows.h) |
| Library | User32.lib |
| DLL | User32.dll |
| API set | ext-ms-win-ntuser-gui-l1-3-0 (introduced in Windows 10, version 10.0.10240) |
See also
Conceptual
Reference
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for